The Securities and Exchange Board of India (SEBI) vide its circular dated 2nd May, 2022 has revised the existing framework on system and network audit market infrastructure institutions (MIIs), in order to keep pace with the technological advancement in the securities market.
The framework mandates the stock exchanges, clearing corporations and depositories to conduct an Annual System Audit by a reputed independent auditor. The market infrastructure institutions (MIIs) are also required to submit information with regard to exceptional major Non-Compliances (NCs)/ minor NCs observed in the System and Network audit in the prescribed format and are required to categorically highlight those observations/NCs/suggestions pointed out in the System and Network audit (current and previous) which remain open.
The Systems and Network audit Report including compliance with SEBI circulars/ guidelines and exceptional observation format along with compliance status of previous year observations shall be placed before the Governing Board of the MII and then the report along with the comments of the Management of the MII shall be communicated to SEBI within a month of completion of audit.
Further, along with the audit report, MIIs are required to submit a Joint declaration from the Managing Director(MD)/Chief Executive Officer(CEO) and Chief Technology Officer (CTO) certifying
- The security and integrity of their IT Systems.
- correctness and completeness of data provided to the Auditor
- entire network architecture, connectivity (including co-lo facility) and its linkage to the trading infrastructure are in conformity with SEBI’s regulatory framework to provide fair equitable, transparent and non-discriminatory treatment to all the market participants.